2 matches found
CVE-2026-42888
CVE-2026-42888 describes a path traversal flaw in Audiobookshelf prior to version 2.32.2. The podcast creation endpoint at server/controllers/PodcastController.js accepts a user-controlled file path without sufficient boundary validation to constrain it within the intended library directory. This...
Audiobookshelf 路径遍历漏洞
Audiobookshelf is an open-source, self-hosted server for audio books and podcasts. Versions of Audiobookshelf prior to 2.32.2 contained a path traversal vulnerability. This vulnerability stemmed from the podcast creation endpoint accepting user-controlled file paths without adequate boundary...